NSCD doesn't support services?
This weekend, I struggled to figure out why LDAP wasn't queried for
service names, though it was queried for user & group names.
nsswitch.conf wasn't the problem, it was libnss-ldap.conf & NSCD.
My libnss-ldap.conf isn't world readable, to protect my LDAP password.
This requires NSCD, because NSCD runs with root's permissions. However,
I learned that NSCD only supports passwd, group, & hosts name services;
from the nscd.conf man page:
Currently, service can be one of paswd, group, or hosts.
I gather either I must expose my LDAP password, or I can't use LDAP for
service names.
It would be nice if NSCD at least proxied each of the name services
supported by glibc, whether or not it implemented a cache for each.
Jack
Reply to: